Retail Technology
| Log in | Subscribe



Subscribe | Log in
Retail Technology
Subscribe

Giesecke & Devrient and ARM team up to protect mobile applications from data theft   ARM and the specialist for security technology, Giesecke & Devrient (G&D) have announced a strategic partnership for the development of highly secure mobile phone platforms.  

Giesecke & Devrient and ARM team up to protect mobile applications from data theft

 

ARM and the specialist for security technology, Giesecke & Devrient (G&D) have announced a strategic partnership for the development of highly secure mobile phone platforms.

 

Through the combination of ARM TrustZone technology, which creates a protected area in advanced systems-on-chip, and the secure Mobicore operating system developed by G&D, sensitive applications such as electronic payment and online banking via mobile phone will be efficiently protected from security threats, the companies said. As a first step they will develop a joint prototype.

 

“We will be working with ARM to develop the security architecture for the next generation of mobile phones. This will enable people to access highly valuable services with convenience and security,” explaines Dr. Kai Grassie, head of the new business division at G&D.

 

Secure mobile transactions are growth driver

 

“ARM TrustZone technology is already an integral part of the ARM Cortex, a series processors which are currently being deployed in smartphones by many of the industry’s leading handset manufacturers,” said Ian Drew, executive vice president of marketing for ARM. “This collaboration with G&D will enable us to make rapid progress towards enabling secure transactions in next-generation mobile devices.”

 

Acceptance of mobile applications such as banking, ticketing and payment solutions rests on the security of device and background systems involved. For this reason, both companies have been working on innovative security concepts.

 

The interplay of TrustZone and Mobicore ensures that if online services require security sensitive functions, such as entry of username and password or data output on a display, these functions are transferred to the Mobicore high-security operating system running in the TrustZone protected area of an ARM application processor.

 

Technology isolates sensitive data from malware

 

As the security sensitive functions are executed, Mobicore maintains control of the secure area of a system-on-chip. Users can therefore be certain that the data they have entered, such as their username and password, cannot be manipulated by malware on the phone during a payment transaction, according to the partners.

 

ARM is also creating a range of training and architectural service packages based around a TrustZone / MobiCore reference system, which it said would

help reduce time-to-market for secure embedded system development. ARM will release its first secure system training course based around hardware system integration and the TrustZone application programming interface (API) next month. This will be followed by an ARM Active Assist on-site design review service package, a secure systems development training package based on Mobicore, the release of the TrustZone Address Space Controller to secure multiple regions in off-chip memory and the TrustZone reference system later in the year.

 

ARM and G&D will present their joint concepts at the Mobile World Congress from 15 to 18 February 2010, in Barcelona.